# Hirosuke YamamotoThe University of Tokyo | Todai

Hirosuke Yamamoto

PhD

## About

138

Publications

9,524

Reads

**How we measure 'reads'**

A 'read' is counted each time someone views a publication summary (such as the title, abstract, and list of authors), clicks on a figure, or views or downloads the full-text. Learn more

2,970

Citations

Citations since 2017

Introduction

Information Theory

**Skills and Expertise**

Additional affiliations

March 2004 - present

April 2001 - February 2004

March 1999 - March 2001

## Publications

Publications (138)

A general time-varying feedback coding scheme is proposed for M-user fully connected symmetric Gaussian interference channels. Based on the analysis of the general coding scheme, we prove a theorem which gives a criterion for designing good time-varying feedback codes for Gaussian interference channels. The proposed scheme improves the Suh-Tse and...

In 1989 we organized the first Benelux‐Japan workshop on Information and Communication theory in Eindhoven, the Netherlands. This year, 2019 we celebrate 30 years of our friendship between Asian and European scientists at the AEW11 in Rotterdam, the Netherlands. Many of the 1989 participants are also present at the 2019 event. This year we have man...

This year, 2019 we celebrate 30 years of our friendship between Asian and European scientists at the AEW11 in Rotterdam, the Netherlands. Many of the 1989 participants are also present at the 2019 event. This year we have many participants from different parts of Asia and Europe. It shows the importance of this event. It is a good tradition to pay...

A general time-varying feedback coding scheme is proposed for $M$-user fully connected symmetric Gaussian interference channels. Based on the analysis of the general coding scheme, we prove a theorem which gives a criterion for designing good time-varying feedback codes for Gaussian interference channels. The proposed scheme improves the Suh-Tse an...

In this paper, we treat (k, L, n) ramp secret sharing schemes (SSSs) that can detect impersonation attacks and/or substitution attacks. First, we derive lower bounds on the sizes of the shares and random number used in encoding for given correlation levels, which are measured by the mutual information of shares. We also derive lower bounds on the s...

The 10th Asia-Europe workshop in "Concepts in Information Theory and Communications" AEW10 was held in Boppard, Germany on June 21-23, 2017. It is based on a longstanding cooperation between Asian and European scientists. The first workshop was held in Eindhoven, the Netherlands in 1989. The idea of the workshop is threefold: 1) to improve the comm...

In communication through asymmetric channels the capacity-achieving input distribution is not uniform in general. Homophonic coding is a framework to invertibly convert a (usually uniform) message into a sequence with some target distribution, and is a promising candidate to generate codewords with the nonuniform target distribution for asymmetric...

In this paper, we propose two schemes, which enable any VF code to realize direct- or fast-access decoding for any long source sequence. Direct-access decoding means that any source symbol of any position can be directly decoded within constant time, not depending on the length of source sequence N, without decoding the whole codeword sequence. We...

Binary AIFV codes are lossless codes that generalize the class of instantaneous FV codes. The code uses two code trees and assigns source symbols to incomplete internal nodes as well as to leaves. AIFV codes are empirically shown to attain better compression ratio than Huffman codes. Nevertheless, an upper bound on the redundancy of optimal binary...

Homophonic coding is a framework to reversibly convert a message into a sequence with some target distribution. This is a promising tool to generate a codeword with a biased code-symbol distribution, which is required for capacity-achieving communication by asymmetric channels. It is known that asymptotically optimal homophonic coding can be realiz...

In the case of ordinary identification coding, a code is devised to identify a single object among N objects. But, in this paper, we consider a coding problem to identify K objects at once among N objects in the both cases that K objects are ranked or not ranked. By combining Moulin-Koetter scheme with the ε-almost strongly universal class of hash...

We propose almost instantaneous fixed-to-variable-length (AIFV) codes such
that two (resp. $K-1$) code trees are used if code symbols are binary (resp.
$K$-ary for $K \geq 3$), and source symbols are assigned to incomplete internal
nodes in addition to leaves. Although the AIFV codes are not instantaneous
codes, they are devised such that the decod...

For information transmission a discrete time channel with independent
additive Gaussian noise is used. There is also another channel with independent
additive Gaussian noise (the feedback channel), and the transmitter observes
without delay all outputs of the forward channel via that channel. Transmission
of nonexponential number of messages is con...

Private information retrieval scheme for coded data storage is considered in
this paper. We focus on the case where the size of each data record is large
and hence only the download cost (but not the upload cost for transmitting
retrieval queries) is of interest. We prove that the tradeoff between storage
cost and retrieval/download cost depends on...

In the case of ordinary identification coding, a code is devised to identify
a single object among $N$ objects. But, in this paper, we consider an
identification coding problem to identify $K$ objects at once among $N$ objects
in the both cases that $K$ objects are ranked or not ranked. By combining
Kurosawa-Yoshida scheme with Moulin-Koetter schem...

Anomaly detection within non-numerical sequence data has developed into an important topic of data mining, but comparatively little research has been done regarding anomaly detection without training data (unsupervised anomaly detection). One application found in computer security is the detection of a so-called masquerade attack, which consists of...

Conceptionally the User Datagram Protocol (UDP) should be well-suited for real-time applications, e.g., for Voice over IP (VoIP). However, many such applications, e.g., Skype, use the Transmission Control Protocol (TCP) either as a primary protocol or as a backup protocol when UDP is blocked, despite TCP's flow control-related data delays. This pap...

For information transmission a discrete time channel with independent additive Gaussian noise is used. There is also a feedback channel with independent additive Gaussian noise, and the transmitter observes without delay all outputs of the forward channel via that noisy feedback channel. Transmission of nonexponential number of messages is consider...

Posterior matching is a method proposed by Ofer Shayevitz and Meir Feder to
design capacity achieving coding schemes for general point-to-point memoryless
channel with feedback. The idea of posterior matching is that the transmitter
encapsulates the information that receiver does not know up to present time in
one random variable and then transmits...

This paper considers polar coding for asymmetric settings, that is, channel coding for asymmetric channels and lossy source coding for nonuniform sources and/or asymmetric distortion measures. The difficulty for asymmetric settings comes from the fact that the optimal symbol distributions of codewords are not always uniform. It is known that such n...

In this paper, K-ary almost instantaneous fixed-to-variable-length (AIFV) codes are proposed for K ≥ 3, and it is shown that the K-ary AIFV codes using K - 1 code trees can attain better compression than K-ary Huffman codes for stationary memoryless sources. Furthermore, it is also shown that binary relaxed AIFV codes with two code trees can beat b...

For information transmission a discrete time channel with independent
additive Gaussian noise is used. There is also feedback channel with
independent additive Gaussian noise, and the transmitter observes without delay
all outputs of the forward channel via that feedback channel. Transmission of
nonexponential number of messages is considered and t...

A discrete-time channel with independent additive Gaussian noise is used for information transmission. There is also a feedback channel with independent additive Gaussian noise, and the transmitter observes all outputs of the forward channel without delay via this feedback channel. Transmission of a nonexponential number of messages is considered (...

For information transmission a discrete time channel with independent additive Gaussian noise is used. There is also feedback channel with independent additive Gaussian noise, and the transmitter observes without delay all outputs of the forward channel via that feedback channel. Transmission of nonexponential number of messages is considered and t...

The subset sum problem, which is often called as the knapsack problem,
is known as an NP-hard problem, and there are several cryptosystems
based on the problem. Assuming an oracle for shortest vector problem of
lattice, the low-density attack algorithm by Lagarias and Odlyzko and
its variants solve the subset sum problem efficiently, when the
“dens...

Recently Linear Programming (LP) decoding is attracting much attention as an alternative to Belief Propagation (BP) decoding for LDPC codes. It is well known for the BP decoding that nonbinary LDPC codes can improve the decoding error probability considerably. On the other hand, Flanagan et al. proposed an LP decoding scheme for LDPC codes over fin...

In CRYPTO 2009, Heninger and Shacham presented a new method of recovering RSA private keys bit by bit given a fraction of private data, and analyzed resistance of RSA against the attack. They obtained a system of relations between RSA private variables and calculated the expected number of solution candidates. As they dealt with only RSA case, we c...

Arikan and Merhav proved joint source-channel coding theorems for guessing decoders based on Gallager's method. But, in this paper, only channel coding is considered to derive a stronger channel coding theorem for constant composition universal codes based on the method of types. Furthermore, the coding theorem is applied to the wiretap channel cod...

In this paper, Yamamoto-Itoh scheme, which is a blockwise variable length coding scheme originally proposed to the case of noiseless feedback, is generalized to the case of noisy feedback, and some lower bounds of the error exponent of the generalized Yamamoto-Itoh scheme are derived for discrete memoryless channels and additive white Gaussian chan...

We propose a randomness test based on the T-complexity of a sequence, which can be calculated using a parsing algorithm called T-decomposition. Recently, the Lempel-Ziv (LZ) randomness test based on LZ-complexity using the LZ78 incremental parsing was officially excluded from the NIST test suite in NIST SP 800-22. This is caused from the problem th...

Unsupervised anomaly detection is an important topic of data mining research, especially with respect to non-numerical sequence data. However, the majority of previous algorithms features empirical parameter selection. The contribution of this study is twofold: First, we show how the Akaike Information Criterion can be used to set the parameter of...

Ignatenko and Willems (2009) proved coding theorems for a biometric secret generation model and a biometric secret transmission model. But, they treated only the case of perfect secrecy and they did not consider the coding rate of a public channel. In this paper, we derive general coding theorems including the coding rate of a public channel in the...

A binary symmetric channel is used for information transmission. There is also another noisy binary symmetric channel (feedback
channel), and the transmitter observes without delay all outputs of the forward channel via the feedback channel. Transmission
of an exponential number of messages is considered (i.e., the transmission rate is positive). T...

In this paper, we discuss coding theorems on a $(2, 2)$--threshold scheme in
the presence of an opponent who impersonates one of the two shareholders in an
asymptotic setup. We consider a situation where $n$ secrets $S^n$ from a
memoryless source is blockwisely encoded to two shares and the two shares are
decoded to $S^n$ with permitting negligible...

We propose a new data compression scheme based on T-codes [3] using a dictionary method such that all phrases added to a dictionary have a recursive structure similar to T-codes. Our scheme can compress the Calgary Corpus more efficiently than known schemes based on T-codes [2] and the UNIX compress, a variant of LZ78.

In this paper, we discuss coding theorems on a $(2, 2)$--threshold scheme in
the presence of an opponent who impersonates one of the two shareholders in an
asymptotic setup. We consider a situation where $n$ secrets $S^n$ from a
memoryless source is blockwisely encoded to two shares and the two shares are
decoded to $S^n$ with permitting negligible...

In this paper, we focus on a (2,2)-threshold scheme in the presence of an opponent who impersonates one of the two participants. We consider an asymptotic setting where two shares are generated by an encoder blockwisely from an n-tuple of secrets generated from a stationary memoryless source and a uniform random number available only to the encoder...

Anomaly detection or novelty detection has emerged as a powerful tool for masquerade detection during the past decade. However,
the strong dependence of previous methods on uncontaminated training data is a matter of concern. We introduce a novel masquerade
detection algorithm based on a statistical test for system parameter drift of time series da...

It is shown that the T-complexity can be derived from a differential equation which represents how average codeword length increases by the T-augmentation. Furthermore, the proposed differential equation method can be applied to the LZ-complexity in the same way. This new approach is simple, and the obtained expressions coincide with the ones in pr...

LDPC codes initially studied for channel coding can be applied to source coding, and Miyake-Muramatsu showed theoretically that the rate-distortion function can be achieved asymptotically by using LDPC codes for any stationary memoryless finite source. In their scheme, a source sequence is first vector-quantized by using an LDPC matrix and then it...

Ngai-Yeung and Erez-Feder independently derived the capacity region of network coding with a single source and two sinks, in which a common message is sent from the source to both sinks but each private message is sent to only the corresponding sink. In this paper, it is shown that the above capacity region can be achieved by separate linear coding...

It is known that a secret sharing scheme (SSS) with perfect cheating detection cannot be realized because such a SSS requires infinite share rates. However, this impossibility comes from the fact that block coding is not used and any decoding error is not allowed in the SSS. Hence, in this paper, we consider a SSS constructed by block coding with a...

For the information transmission a binary symmetric channel is used. There is also another noisy binary symmetric channel (feedback channel), and the transmitter observes without delay all the outputs of the forward channel via that feedback channel. The overall transmission time is fixed. The transmission of a exponential number of messages (i.e....

In this paper, a new randomness test is proposed based on the T-complexity of a T-code, which is a variable-length self-synchronizing code introduced by Titchener in 1984. The proposed test can be used instead of the Lempel-Ziv compression test, which was removed from the NIST statistical test suite because the LZ-complexity has a defect such that...

Linear complexity can be used to detect predictable nonrandom sequences, and hence it is included in the NIST randomness test suite. But, as shown in this paper, the NIST test suite cannot detect nonrandom sequences that are generated, for instance, by concatenating two different M-sequences with low linear complexity. This defect comes from the fa...

Linear code linear programming (LCLP) proposed by Feldman is one of the promising methods to implement the lossy source coding process efficiently. In the encoding and decoding of a lossy source code constructed by sparse matrices, we propose auxiliary methods to obtain approximate optimal values in the case where the output of LCLP takes non-integ...

In this paper, we extend the work by M. Naor [7] on deniable ring authentication to include key establishment. Two secure deniable private key establishment protocols will be proposed. These two related schemes create only a secure private channel between Alice and Bob where the identity of Bob remains completely hidden. The first scheme does not r...

In a network with capacity h for multicast, information Xh = ( X 1 , X 2 , …, X h ) can be transmitted from a source node to sink nodes without error by a linear network code. Furthermore, secret information Sr = ( S 1 , S 2 , …, S r ) can be transmitted securely against wiretappers by k -secure network coding for k ≤ h−r . In this case, no informa...

For the information transmission a binary symmetric channel is used. There is also another noisy binary symmetric channel (feedback channel), and the transmitter observes without delay all the outputs of the forward channel via that feedback channel. The transmission of a nonexponential number of messages (i.e. the transmission rate equals zero) is...

A binary symmetric channel is considered. A transmitter observes without delay all the outputs of the forward channel via a noisy binary symmetric channel (a feedback). For illustrative purposes, we consider the transmission of only three messages. The best achievable error exponent for such a combination of channels is investigated. It is shown th...

The security level of the Shannon cipher system is traditionally measured by equivocation, where is a secret plaintext with length and is its cryptogram. But, Merhav and Arikan have considered another security criterion, which is measured by the number of guesses needed for a wiretapper to uncover from . Merhav has also considered the third securit...

The bit commitment can be realized by using a noisy channel. Winter-Nascimento-Imai showed that the bit commitment capacity of a noisy channel is given by C b = max PX(x) H(X|Y) where X and Y are the input and output of the channel. In this paper, the idea of a multiplex coding, which was first introduced into the coding problem of a wiretap channe...

It is shown in this paper that all internal nodes with the same subtree can be treated as a single state in a code tree of a fixed-to-variable length code (FV code) when we use Capocelli-Grango-Vaccaro algorithm and Even algorithm to check whether the FV code has a self-synchronizing string. Based on this reduced state representation, we characteri...

It is known that for any general access structure, a secret sharing scheme (SSS) can be constructed from an (m, m)-threshold scheme by using the so-called cumulative map or from a (t, m)-threshold SSS by a modified cumulative map. However, such constructed SSSs are not efficient generally. In this paper, a new method is proposed to construct a SSS...

The Move-to-front (MTF) scheme is a data-compression method which converts each symbol of a source sequence to a positive integer sequentially, and encodes it to a binary codeword. The compression performance of this algorithm has been analyzed usually under the assumption of the so-called symbol extension. But, in this paper, upper and lower bound...

It is known that a message can be transmitted safely against any wiretap per via a noisy channel without a secret key if the coding rate is less than the so-called secrecy capacity Cs, which is usually smaller than the channel capacity C. In order to remove the loss C - Cs, we propose a multiplex coding scheme with plural independent messages. In t...

It is known that a message can be transmitted safely against any wiretapper via a noisy channel without a secret key if the coding rate is less than the so-called secrecy capacity $C_S$, which is usually smaller than the channel capacity $C$. In order to remove the loss $C - C_S$, we propose a multiplex coding scheme with plural independent message...

In key management schemes that realize secure multicast communications encrypted by group keys on a public network, tree structures are often used to update the group keys efficiently. Selcuk and Sidhu have proposed an efficient scheme which updates dynamically the tree structures based on the withdrawal probabilities of members. In this paper, it...

Ramp secret sharing (SS) schemes can be classified into strong ramp SS schemes and weak ramp SS schemes. The strong ramp SS schemes do not leak out any part of a secret explicitly even in the case that some information about the secret leaks out from some set of shares, and hence, they are more desirable than the weak ramp SS schemes. In this paper...

This correspondence is concerned with asymptotic properties on the codeword length of a fixed-to-variable length code (FV code) for a general source {X<sup>n</sup>}<sub>n=1</sub><sup>∞</sup> with a finite or countably infinite alphabet. Suppose that for each n ≥ 1 X<sup>n</sup> is encoded to a binary codeword φ<sub>n</sub>(X<sup>n</sup>) of length...

Quantum secret sharing schemes encrypting a quantum state into a multipartite entangled state are treated. The lower bound on the dimension of each share given by Gottesman [Phys. Rev. A \textbf{61}, 042311 (2000)] is revisited based on a relation between the reversibility of quantum operations and the Holevo information. We also propose a threshol...

In key management schemes that realize secure multicast communications encrypted by group keys on a public network, tree structures are often used to update the group keys efficiently. Selcuk and Sidhu have proposed an efficient scheme which updates dynamically the tree structures based on the withdrawal probabilities of members. In this paper, it...

Ramp secret sharing (SS) schemes can be classified into strong ramp SS schemes and weak ramp SS schemes. The strong ramp SS schemes do not leak out any part of a secret explicitly even in the case where some information about the secret leaks from a non-qualified set of shares, and hence, they are more desirable than weak ramp SS schemes. However,...

It is known that for any general access structure, a secret sharing scheme (SSS) can be constructed from an (m, m)-threshold scheme by using the so-called cumulative map or from a (t, m)-threshold SSS by a modified cumulative map. However, such constructed SSSs are not efficient generally. In this paper, a new method is proposed to construct a SSS...

SUMMARY In this paper, a new method is proposed to con- struct a visual secret sharing scheme with a general access struc- ture for plural secret images. Although the proposed scheme can be considered as an extension of Droste's method that can encode

In this article, low-density parity-check (LDPC) codes are applied to lossy source coding and we study how the asymptotic performance of MacKay's (see ibid, vol.45, p.399-431, Mar. 1999 and vol.47, p.2101, July, 2001) LDPC codes depends on the sparsity of the parity-check matrices in the source coding of the binary independent and identically distr...

Abstract It is known that secret sharing schemes (SSSs) for general access structures can be constructed from the (k,n)-threshold schemes by using the so-called cumulative map. However, the original cumulative map can treat only the case of k = n. Furthermore, a known modified cumulative map that can deal with general (k,n)-threshold schemes is not...

SUMMARY In this paper, a method is proposed to construct an n-out-of-n visual secret sharing scheme for gray-scale images, for short an (n, n)-VSS-GS scheme, which is optimal in the sense of contrast and pixel expansion, i.e., resolution. It is shown that any (n, n)-VSS-GS scheme can be constructed based on the so- called polynomial representation...

In this paper, upper and lower bounds are derived for the redundancy of the move-to-front (MTF) scheme without the symbol extension for stationary ergodic sources and Markov sources. It is proved that for the stationary ergodic K-th order Markov sources, the MTF scheme can attain the entropy rate if and only if K=1 and the transition matrix of the...

One-shot coding and repeated coding are considered for the class
of almost instantaneous variable-to-fixed length (AIVF) codes,
C<sub>AIVF</sub>, which includes some nonproper VF codes in addition to
the class of proper VF codes, C<sub>PVF</sub>. An algorithm is given to
construct the average-sense optimal (a-optimal) AIVF code in one-shot
coding t...

SUMMARY This paper proposes a new construction of the visual secret sharing scheme for the (n, n)-threshold access struc- ture applicable to color images. The construction uses matrices with n rows that can be identified with homogeneous polynomi- als of degree n. It is shown that, if we find a set of homogeneous polynomials of degree n satisfying...

SUMMARY This paper provides the Shannon theoretic cod- ing theorems on the success probabilities of the impersonation attack and the substitution attack against secret-key authentica- tion systems. Though there are many studies that develop lower bounds on the success probabilities, their tight upper bounds are rarely discussed. This paper characte...

A new recursive universal code of the positive integers is
proposed, in which any given sequence can be used as a delimiter of
codeword while bit “0” is used as a delimiter in known
universal codes, e.g., Levenshtein code, Elias ω code, Even-Rodeh
code, Stout code, Bentley-Yao code, etc. The codeword length of the
proposed code is shorter than log<...